How to use authentication for django-prometheus when deployed to production?
See original GitHub issueEvery path in our urls go through a LoginMiddleware
that requires login authentication and redirects the user to /admin/login
if not authenticated. The exceptions are the API enpoints which use a token authentication.
This project is deployed in Kubernetes and when the requests are made to /metrics
they are redirected to the login page. Since we don’t want to make the /metrics
without authentication how can I use an authentication method for django-prometheus in production?
Issue Analytics
- State:
- Created 2 years ago
- Reactions:2
- Comments:6
Top Results From Across the Web
Using Prometheus for monitoring Django applications in ...
Enable Django monitoring ... This is the most important while monitoring our Django application. For that purpose, we will use django-prometheus.
Read more >Prometheus + Grafana in Django - Karan Churi - Medium
Once things are deployed in production environment, in-spite of rigorous ... In this tutorial we'll be using Prometheus & Grafana for our ...
Read more >Creating Custom Metrics with Prometheus - Monterail
For that purpose, we can use a default Django User model and also use the TokenAuthentication provided by the Django REST Frameworks library....
Read more >Instrumenting Django with Prometheus and StatsD
Here statsd_exporter comes into play. It uses the same UDP protocol as StatsD server and exports StatsD-style metrics as Prometheus metrics, so ...
Read more >python - How to setup prometheus on a Django project with an ...
I don't want to make the /metrics without authentication so how can I properly set up prometheus with Django using an authentication method?...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Found a final solution. I added a custom handle for the
/metrics
in my middleware’sprocess_request()
method like this:This will force the request to
/metrics
to authenticate so the first method attempted will be my custom authentication backend, that needs to be placed as first on the list insettings.py
. The finalbackends.py
looks like this:I also came across this issue, looked at various options and in the end my solution is this: In the ingress, instead of allowing /metrics, I forward it to a “blackhole” nginx service with nothing in it so /metrics is a 404 via ingress But prometheus hits the pod directly (and not via ingress), so can parse the metrics correctly I don’t want the world to know I have /metrics, and also wanted to avoid all the extra setup of passwords and so on My ingress looks like so
Where the blackhole service is a basic service with nginx and nothing else (ie: /metrics would be a 404, since it has nothing)